Cybersecurity researchers have disclosed details of a new
Linux backdoor named PamDOORa that's being advertised on the Rehub
Russian cybercrime forum for $1,600 by a threat actor called
"darkworm." The backdoor is designed as a Pluggable Authentication
Module (PAM)-based post-exploitation toolkit that enables
persistent SSH access by means of a magic password and specific TCP
port combination.
Read more https://thehackernews.com/2026/05/new-linux-pamdoora-backdoor-uses-pam.html
